Windows Information Systems Security Officer

INTRODUCTION Contractor services are required to assist FLENUMMETOCCEN personnel in providing cybersecurity services in support of the Information Systems Security Officer (ISSO) (Windows) activities for the Cyber Security group. Work will include planning, scanning, validation, analysis, documentation, reporting and coordination of Cybersecurity (CS) requirements for Windows computing systems. SCOPE
This requirement is for surge support to assist FLENUMMETOCCEN in providing cybersecurity services in support of the ISSO (Windows) activities for the Cybersecurity group. The scope includes:
• Perform assigned CS duties associated with unclassified, classified Microsoft Windows systems
• Perform assigned CS duties associated with unclassified and classified network systems
• Perform assigned CS tasks using established Federal, DOD and Navy CS policies and procedures
• Perform work that is varied, may be somewhat difficult in nature and involves limited technical direction
• Perform Cyber Security Officer duties to include incident handling, event management, network analysis, system-level auditing per established Federal, DOD and Navy CS policies and procedures
• Coordinate with DOD and Navy agencies for resolution of all CS incidents and event management issues
• Scan, monitor, audit, harden and implement CS safeguards for MS Windows systems in accordance with Federal, DOD and Navy CS policy and procedures
• Report unauthorized physical and electronic access to MS Windows system
• Perform MS Windows system device log analyses for unauthorized access or unauthorized elevation of permissions and note any deviance from normal system activities
• Assess MS Windows system CS defensive posture, report gaps, and recommend solutions to harden systems per Federal, DOD and Navy CS policy and procedures
• Provide information to ISSM in support of Certification and Accreditation (C&A) data calls and compliance initiatives
• Assist in conducting CS safeguard tests in accordance with ISSM guidance
• Participate in CS risk assessments
• Participate in CS Continuity of Operations planning, testing and evaluation
• Ensure necessary reporting is captured and maintained for evaluation per ISSM guidance
• Ensure conformity of password policies per Federal, DOD and Navy CS policy and procedure
• Provide and monitor security counter measures per Federal, DOD and Navy CS policy and procedure
• Assist with coordination of CS activities associated with remote access per ISSM guidance
• Comply with Federal, DOD and Navy CS policy and procedure regarding the proper handling of personal, confidential and privacy act information
• Attend meetings
• Perform work with limited technical direction and in accordance with ISSM guidance
• Coordinate timely notification and resolution of pending CS issues to include FISMA POA&M, pending items in the Vulnerability Remediation Asset Manager (VRAM) SPECIFIC TASKING The objective of this requirement is to provide senior-level support services to the Windows ISSO, assuring FNMOC computer systems are maintaining a high-degree of CS defensive safeguards and adherence to approved Federal, DOD and Navy CS compliance objectives. The vendor shall: 1. Leverage the Windows System Baseline Activity 2. Leverage the Windows System Baselines to Detect Anomalies Associated With System 3. Conduct Daily Inspections of the Windows Systems Baselines 4. Conduct daily inspections of the Windows Systems device logs for unauthorized electronic access and/or permissions escalation 5. Work with third party government agencies to report, resolve and prevent CS incidents and events of concern 6. Provide weekly status report (WSR) to the ISSM. The WSR shall provide details around the following:
• Results of physical and electronic inspections
• Percent of systems evaluated
• Any modification to system baselines
• Synopsis of anomalies observed
• Synopsis of CS incidents detected and being worked
• Synopsis CS events detected and being worked
• Known vulnerabilities
• Recommendations to shore up system device CS defensive posture
• Any other pertinent information to the day's CS detection activity 7. Participate in technical meetings 8. Assist the ISSM in creating and presenting documents pertaining to CS policy, technical procedures, and guidelines. Documents can include CS Requirements, Risk Assessments, and Policy Statements 9. Provide monthly status reports (MSRs) to the ISSM and Technical Assistant. The MSR shall provide a high-level monthly summary of activities and project challenges as well as anticipated direction. The MSR shall contain the following sections:
• A Brief Description of Requirements
• Summary of Accomplishments and Significant Events
• Deliverables Assigned/Milestones/Status
• Deliverables Submitted
• Current or Anticipated Issues
• Government-Identified Topics and Issues
• Summary of Activity Planned for the Next Reporting Period
• Task Financial Status
• Resource Planning/Status 10. Work with the ISSM in conducting internal audits of the IT infrastructure. Ensure necessary CS reporting is captured and maintained for future evaluation. 11. Ensure conformity of password policies per Federal, DOD and Navy CS policy and procedure 12. Provide and monitor security counter-measures per Federal, DOD and Navy CS policy and procedure. 13. Assist with coordination and evaluation of CS activities related to remote access, including Virtual Private Networking (VPN) 14. Coordinate timely notification and resolution of pending CS issues to include Federal Information System Management Act (FISMA) Plan of Action and Milestones (POA&M) and pending items in the Vulnerability Remediation Asset Manager (VRAM) 15. Comply with SECNAVINST 5239. 20A, "Department of the Navy Cyberspace Information Technology and Cybersecurity Workforce Management and Qualification" (also see DOD 8570.01-M), program development, coordination, and administration. PLACE OF PERFORMANCE The primary place of performance shall be on-site at the FLENUMMETOCCEN facility located at 7 Grace Hopper Avenue, Monterey, CA 93943. The primary work setting is a general office area environment. Contactor tasks may require work anywhere within the FLENUMMETOCCEN compound including the computer center(s).